After a person in their customer forum reportedly claimed that they have accessed DomainFactory customer information. In this case, the firm has confirmed that an unauthorized outsider had breached it.
A system message reported on 6 July that upon knowing about the potential breach, the firm is doing a detailed investigation, it is ultimately confirmed that the outsider had tried to steal the customer information, adding that the access route had been secured and that it had contacted all of the customers and suggested that they need to change or update their DomainFactory passwords.
The firm wrote that data protection authorities were notified, and the experts have released an external investigation. The protection of the data of their customers is paramount. Because of all these, they very regret this inconvenience this occurrence causes, very much. DomainFactory has also assured about the customer’s data protection that it will take more strong action to stop similar problems in the future.
On 3 July, the firm has known about this incident. As per the recent report that is available, on 29 January 2018, the information is kept in the hands of external third parties by an information feed after a system transaction.
Some of the critical information is included in this incident such as- Customer names, addresses, email addresses, phone numbers, DomainFactory passwords, dates of birth, bank names and account numbers, and Schufa scores were reportedly in the compromised information.
DomainFactory has immediately taken reasonable steps to find the reason behind this data breach by stopping access, disabling suspicious systems, modifying all of the access data of its employees and instructing an external security firm to assist in a legal inquiry of its system environment.
DomainFactory is trying to take additional security measures to protect customer privacy quickly.
In an 8 July update, the company wrote, in their essential Customer Information that is released on July 7, 2018, they have shown that they are suggested all of the users remove all of the passwords as a precautionary measure.
In response, they have got more inquiries about which accesses should be modified at present exactly.
They have recommended for the customers that they need to change the some of the essential passwords such as- phone passwords, email password, customer passwords, FTP/live disk passwords, SSH passwords and MySQL database passwords.